FxCI: hacking around #630
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Builds | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - enterprise-main | |
| jobs: | |
| package-tests: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| testing/enterprise/ | |
| python/sites/enterprise-tests.txt | |
| sparse-checkout-cone-mode: false | |
| - name: "generate requirements.txt" | |
| run: | | |
| grep "^pypi:" python/sites/enterprise-tests.txt | sed -e "s/^pypi://g" > testing/enterprise/requirements.txt | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: enterprise-tests | |
| path: testing/enterprise/ | |
| compression-level: 0 | |
| linux-build-vm: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| outputs: | |
| instance_name: ${{ steps.create_vm.outputs.instance_name }} | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: create_vm | |
| uses: ./.github/actions/create-vm | |
| with: | |
| instance_kind: "linux-build" | |
| gcp_machine_type: "c4d-highcpu-48" | |
| extra_labels: "build,LinuxNative" | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| linux-build-vm-clean: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| needs: [ linux-build-vm, linux-build-opt ] | |
| if: "always()" | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: delete_vm | |
| uses: ./.github/actions/delete-vm | |
| with: | |
| instance_name: ${{ needs.linux-build-vm.outputs.instance_name }} | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| linux-test-vm: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| needs: [ linux-build-opt ] | |
| outputs: | |
| instance_name: ${{ steps.create_vm.outputs.instance_name }} | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: create_vm | |
| uses: ./.github/actions/create-vm | |
| with: | |
| instance_kind: "linux-test" | |
| gcp_machine_type: "c4d-highcpu-2" | |
| extra_labels: "test,LinuxNative" | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| linux-test-vm-clean: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| needs: [ linux-test-vm, linux-test ] | |
| if: "always()" | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: delete_vm | |
| uses: ./.github/actions/delete-vm | |
| with: | |
| instance_name: ${{ needs.linux-test-vm.outputs.instance_name }} | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| linux-build-opt: | |
| runs-on: [ self-hosted, LinuxNative, X64 ] | |
| timeout-minutes: 30 | |
| needs: linux-build-vm | |
| env: | |
| MOZCONFIG: ${{ github.workspace }}/build/unix/mozconfig.ci.enterprise | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: "check mozconfig" | |
| run: | | |
| ls -hal $MOZCONFIG | |
| cat $MOZCONFIG | |
| - name: setup | |
| run: | | |
| rustup default 1.86 | |
| - name: build | |
| run: ./mach build | |
| - name: package | |
| env: | |
| RUN_FIND_DUPES: 1 | |
| run: | | |
| ./mach package | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: firefox-linux-amd64 | |
| path: obj-*/dist/firefox-*.tar* | |
| compression-level: 0 | |
| - name: "package gcp-eu" | |
| env: | |
| RUN_FIND_DUPES: 1 | |
| run: | | |
| echo 'pref("enterprise.console.address", "https://console-gcp-eu.enterfox.eu");' > obj-*/dist/bin/browser/defaults/preferences/firefox-enterprise.js | |
| ./mach package | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: firefox-linux-amd64-gcpEU | |
| path: obj-*/dist/firefox-*.tar* | |
| compression-level: 0 | |
| linux-test: | |
| runs-on: [self-hosted, LinuxNative, X64] | |
| timeout-minutes: 20 | |
| needs: [ linux-test-vm, package-tests ] | |
| steps: | |
| - name: "download firefox build" | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: firefox-linux-amd64 | |
| - name: "download enterprise tests" | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: enterprise-tests | |
| - name: "unpack firefox build" | |
| id: unpack | |
| run: | | |
| tar xf ./obj-*/dist/firefox-*.tar* | |
| RUNTIME_PATH=$(find . -type f -name "firefox") | |
| echo "runtime_path=$RUNTIME_PATH" >> "$GITHUB_OUTPUT" | |
| - name: "install python" | |
| run: | | |
| python3 -m venv venv_tests | |
| - name: "install deps" | |
| run: | | |
| curl -sSL https://github.com/mozilla/geckodriver/releases/download/v0.36.0/geckodriver-v0.36.0-linux64.tar.gz | tar -zxf - | |
| . venv_tests/bin/activate | |
| pip3 install -r requirements.txt | |
| - name: "test firefox start" | |
| run: | | |
| RUNTIME_VERSION=$(${{ steps.unpack.outputs.runtime_path }} --version | awk '{ print $4 }') | |
| sed -e "s/#RUNTIME_VERSION#/${RUNTIME_VERSION}/g" < firefox_start.json.in > firefox_start.json | |
| mkdir -p ./profiles/ | |
| . venv_tests/bin/activate | |
| python3 test_firefox_start.py ${{ steps.unpack.outputs.runtime_path }} $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser starts from felt using CLI argument" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_starts_fromCli.py ${{ steps.unpack.outputs.runtime_path }} $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser starts from felt using environment variable" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_starts_fromEnv.py ${{ steps.unpack.outputs.runtime_path }} $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser about:config is blocked" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_about_config_blocked.py ${{ steps.unpack.outputs.runtime_path }} $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser restart is a quit" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_restart_is_quit.py ${{ steps.unpack.outputs.runtime_path }} $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser restart works" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_restart_works.py ${{ steps.unpack.outputs.runtime_path }} $PWD/geckodriver $PWD/profiles/ | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: linux-tests-results | |
| path: | | |
| geckodriver.log | |
| screenshot_*.png | |
| compression-level: 0 | |
| if: "always()" | |
| windows-build-vm: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| outputs: | |
| instance_name: ${{ steps.create_vm.outputs.instance_name }} | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: create_vm | |
| uses: ./.github/actions/create-vm | |
| with: | |
| instance_kind: "windows-build" | |
| gcp_machine_type: "c4d-highcpu-48" | |
| extra_labels: "build,WinCross" | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| windows-build-vm-clean: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| needs: [ windows-build-vm, windows-build-opt ] | |
| if: "always()" | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: delete_vm | |
| uses: ./.github/actions/delete-vm | |
| with: | |
| instance_name: ${{ needs.windows-build-vm.outputs.instance_name }} | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| windows-test-vm: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| needs: [ windows-build-opt ] | |
| outputs: | |
| instance_name: ${{ steps.create_vm.outputs.instance_name }} | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: create_vm | |
| uses: ./.github/actions/create-vm | |
| with: | |
| instance_kind: "windows-test" | |
| gcp_machine_type: "c4d-highcpu-8" | |
| gcp_disk_size: "100" | |
| gcp_disk_source: "disk-2025-dc-v20250813-20250902102015" | |
| gcp_metadata_startup: "--metadata-from-file=windows-startup-script-ps1=./repo-checkout/.github/workflows/windows-startup.ps1" | |
| extra_labels: "test,WinNative" | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| windows-test-vm-clean: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| needs: [ windows-test-vm, windows-test ] | |
| if: "always()" | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: delete_vm | |
| uses: ./.github/actions/delete-vm | |
| with: | |
| instance_name: ${{ needs.windows-test-vm.outputs.instance_name }} | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| windows-build-opt: | |
| runs-on: [ self-hosted, WinCross, X64 ] | |
| timeout-minutes: 30 | |
| needs: windows-build-vm | |
| env: | |
| MOZCONFIG: ${{ github.workspace }}/build/win64/mozconfig.ci.enterprise | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v5 | |
| - name: "check mozconfig" | |
| run: | | |
| ls -hal $MOZCONFIG | |
| cat $MOZCONFIG | |
| - name: setup | |
| run: | | |
| rustup default 1.86 | |
| rustup target add x86_64-pc-windows-msvc | |
| - name: build | |
| run: | | |
| ./mach build | |
| - name: package | |
| env: | |
| RUN_FIND_DUPES: 1 | |
| run: ./mach package | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: firefox-windows-amd64 | |
| path: obj-*/dist/firefox-*.en-US.win64.zip | |
| compression-level: 0 | |
| - name: "package gcp-eu" | |
| env: | |
| RUN_FIND_DUPES: 1 | |
| run: | | |
| echo 'pref("enterprise.console.address", "https://console-gcp-eu.enterfox.eu");' > obj-*/dist/bin/browser/defaults/preferences/firefox-enterprise.js | |
| ./mach package | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: firefox-windows-amd64-gcpEU | |
| path: obj-*/dist/firefox-*.en-US.win64.zip | |
| compression-level: 0 | |
| windows-test: | |
| runs-on: [self-hosted, WinNative, X64] | |
| timeout-minutes: 20 | |
| needs: [ windows-test-vm, package-tests ] | |
| steps: | |
| - name: "download firefox build" | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: firefox-windows-amd64 | |
| - name: "download enterprise tests" | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: enterprise-tests | |
| - name: "unpack firefox build" | |
| id: unpack | |
| run: | | |
| $zipFile = Get-ChildItem -Path .\obj-*\dist\firefox-*.win64.zip | Select-Object -First 1 -ExpandProperty FullName | |
| C:\mozilla-build\bin\unzip.exe $zipFile | |
| $firefoxPath = Get-ChildItem -Path .\firefox\firefox.exe | Select-Object -First 1 -ExpandProperty FullName | |
| echo "firefox_path=$firefoxPath" >> $Env:GITHUB_OUTPUT | |
| Invoke-WebRequest -Uri https://github.com/mozilla/geckodriver/releases/download/v0.36.0/geckodriver-v0.36.0-win32.zip -OutFile geckodriver-v0.36.0-win32.zip | |
| C:\mozilla-build\bin\unzip.exe geckodriver-v0.36.0-win32.zip | |
| $geckodriverPath = Join-Path -Path $PWD -ChildPath "geckodriver.exe" | |
| echo "geckodriver_path=$geckodriverPath" >> $Env:GITHUB_OUTPUT | |
| $profilesPath = Join-Path -Path $PWD -ChildPath "profiles" | |
| New-Item -ItemType Directory -Force -Path $profilesPath | |
| echo "profiles_path=$profilesPath" >> $Env:GITHUB_OUTPUT | |
| - name: "install python" | |
| run: | | |
| python3 -m venv venv_tests | |
| . venv_tests\Scripts\activate | |
| pip3 install -r requirements.txt | |
| - name: "test firefox start" | |
| run: | | |
| $runtimeVersion = (Get-Content ".\firefox\application.ini") -match "^Version=" | ForEach-Object { $_.Split('=')[1] } | |
| (Get-Content firefox_start.json.in) -replace '#RUNTIME_VERSION#', $runtimeVersion | Set-Content firefox_start.json | |
| . venv_tests\Scripts\activate | |
| python3 test_firefox_start.py "${{ steps.unpack.outputs.firefox_path }}" "${{ steps.unpack.outputs.geckodriver_path }}" "${{ steps.unpack.outputs.profiles_path }}" | |
| - name: "test browser starts from felt using CLI arg" | |
| run: | | |
| . venv_tests\Scripts\activate | |
| $Env:MOZ_LOG="console:5" | |
| python3 test_felt_browser_starts_fromCli.py "${{ steps.unpack.outputs.firefox_path }}" "${{ steps.unpack.outputs.geckodriver_path }}" "${{ steps.unpack.outputs.profiles_path }}" | |
| - name: "test browser starts from felt using environment variable" | |
| run: | | |
| . venv_tests\Scripts\activate | |
| $Env:MOZ_LOG="console:5" | |
| python3 test_felt_browser_starts_fromEnv.py "${{ steps.unpack.outputs.firefox_path }}" "${{ steps.unpack.outputs.geckodriver_path }}" "${{ steps.unpack.outputs.profiles_path }}" | |
| - name: "test browser about:config is blocked" | |
| run: | | |
| . venv_tests\Scripts\activate | |
| $Env:MOZ_LOG="console:5" | |
| python3 test_felt_browser_about_config_blocked.py "${{ steps.unpack.outputs.firefox_path }}" "${{ steps.unpack.outputs.geckodriver_path }}" "${{ steps.unpack.outputs.profiles_path }}" | |
| - name: "test browser restart is a quit" | |
| run: | | |
| . venv_tests\Scripts\activate | |
| $Env:MOZ_LOG="console:5" | |
| python3 test_felt_browser_restart_is_quit.py "${{ steps.unpack.outputs.firefox_path }}" "${{ steps.unpack.outputs.geckodriver_path }}" "${{ steps.unpack.outputs.profiles_path }}" | |
| - name: "test browser restart works" | |
| run: | | |
| . venv_tests\Scripts\activate | |
| $Env:MOZ_LOG="console:5" | |
| python3 test_felt_browser_restart_works.py "${{ steps.unpack.outputs.firefox_path }}" "${{ steps.unpack.outputs.geckodriver_path }}" "${{ steps.unpack.outputs.profiles_path }}" | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: windows-tests-results | |
| path: | | |
| screenshot_*.png | |
| geckodriver.log | |
| compression-level: 0 | |
| if: "always()" | |
| macOS-build-vm: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| outputs: | |
| instance_name: ${{ steps.create_vm.outputs.instance_name }} | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: create_vm | |
| uses: ./.github/actions/create-vm | |
| with: | |
| instance_kind: "macos-build" | |
| extra_labels: "build,MacCross,ARM64" | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| macOS-build-vm-clean: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| environment: Credentials | |
| needs: [ macOS-build-vm, macOS-build-opt ] | |
| if: "always()" | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| sparse-checkout: | | |
| .github/actions/ | |
| sparse-checkout-cone-mode: false | |
| - id: delete_vm | |
| uses: ./.github/actions/delete-vm | |
| with: | |
| instance_name: ${{ needs.macOS-build-vm.outputs.instance_name }} | |
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | |
| github_runner_token: "${{ secrets.GH_RUNNER_TOKEN }}" | |
| macOS-build-opt: | |
| runs-on: [ self-hosted, MacCross, ARM64 ] | |
| timeout-minutes: 30 | |
| needs: macos-build-vm | |
| env: | |
| MOZCONFIG: ${{ github.workspace }}/build/macosx/mozconfig.ci.enterprise | |
| steps: | |
| - name: "clean state" | |
| id: clean | |
| run: | | |
| rm -fr ./* | |
| - name: checkout | |
| uses: actions/checkout@v5 | |
| - name: "check mozconfig" | |
| run: | | |
| ls -hal $MOZCONFIG | |
| cat $MOZCONFIG | |
| - name: setup | |
| run: | | |
| rustup default 1.86 | |
| rustup target add aarch64-apple-darwin | |
| - name: build | |
| run: | | |
| export PATH=$HOME/.cargo/bin:$PATH | |
| ./mach build | |
| - name: "package unsigned" | |
| env: | |
| RUN_FIND_DUPES: 1 | |
| run: | | |
| export PATH=$HOME/.cargo/bin:$PATH | |
| ./mach package | |
| DMG_FILE=$(find obj-*/dist/ -type f -name "*.mac.dmg") | |
| DMG_UNSIGNED=$(echo "$DMG_FILE" | sed -e "s/.dmg$/.unsigned.dmg/g") | |
| cp "$DMG_FILE" "$DMG_UNSIGNED" | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: firefox-macOS-unsigned-aarch64 | |
| path: obj-*/dist/firefox-*.unsigned.dmg* | |
| compression-level: 0 | |
| - name: signature | |
| run: | | |
| export PATH=$HOME/.cargo/bin:$PATH | |
| echo -n "$(uuidgen)" > firefoxEnterprise_pass.p12 | |
| DMG_FILE=$(find obj-*/dist/ -type f -name "*.mac.dmg") | |
| DMG_SIGNED=$(echo "$DMG_FILE" | sed -e "s/.dmg$/.signed.dmg/g") | |
| HFSPLUS_FILE="$(basename $DMG_FILE .dmg).hfsplus" | |
| OBJDIR=$(find obj-* -maxdepth 0 -type d) | |
| rcodesign generate-self-signed-certificate --person-name FirefoxEnterprise --p12-file firefoxEnterprise.p12 --p12-password "$(cat firefoxEnterprise_pass.p12)" | |
| ~/.mozbuild/dmg/dmg extract $DMG_FILE $OBJDIR/dist/$HFSPLUS_FILE | |
| mkdir $OBJDIR/dist/hfs/ | |
| pushd $OBJDIR/dist/hfs/ | |
| ~/.mozbuild/dmg/hfsplus ../$HFSPLUS_FILE extractall | |
| popd | |
| APP_FILE="$(find obj-*/dist/hfs/ -maxdepth 1 -type d -name '*.app')" | |
| ./mach macos-sign -v -c nightly -e developer -r -f firefoxEnterprise.p12 -p firefoxEnterprise_pass.p12 -a "${APP_FILE}" | |
| APP_FILENAME="$(basename "$APP_FILE")" | |
| tar -Jcf $OBJDIR/dist/nightly_signed.tar.gz -C $OBJDIR/dist/hfs/ .background .DS_Store .VolumeIcon.icns "$APP_FILENAME" | |
| ./mach repackage dmg -i $OBJDIR/dist/nightly_signed.tar.gz -o $DMG_SIGNED | |
| rm $OBJDIR/dist/nightly_signed.tar.gz | |
| rm -fr $OBJDIR/dist/hfs/ | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: firefox-macOS-signed-aarch64 | |
| path: obj-*/dist/firefox-*.signed.dmg* | |
| compression-level: 0 | |
| - name: "package gcp-eu" | |
| env: | |
| RUN_FIND_DUPES: 1 | |
| run: | | |
| echo 'pref("enterprise.console.address", "https://console-gcp-eu.enterfox.eu");' > obj-*/dist/bin/browser/defaults/preferences/firefox-enterprise.js | |
| ./mach package | |
| - name: "signature gcp-eu" | |
| run: | | |
| export PATH=$HOME/.cargo/bin:$PATH | |
| echo -n "$(uuidgen)" > firefoxEnterprise_pass.p12 | |
| DMG_FILE=$(find obj-*/dist/ -type f -name "*.mac.dmg") | |
| DMG_SIGNED=$(echo "$DMG_FILE" | sed -e "s/.dmg$/.signed.dmg/g") | |
| HFSPLUS_FILE="$(basename $DMG_FILE .dmg).hfsplus" | |
| OBJDIR=$(find obj-* -maxdepth 0 -type d) | |
| rcodesign generate-self-signed-certificate --person-name FirefoxEnterprise --p12-file firefoxEnterprise.p12 --p12-password "$(cat firefoxEnterprise_pass.p12)" | |
| ~/.mozbuild/dmg/dmg extract $DMG_FILE $OBJDIR/dist/$HFSPLUS_FILE | |
| mkdir $OBJDIR/dist/hfs/ | |
| pushd $OBJDIR/dist/hfs/ | |
| ~/.mozbuild/dmg/hfsplus ../$HFSPLUS_FILE extractall | |
| popd | |
| APP_FILE="$(find obj-*/dist/hfs/ -maxdepth 1 -type d -name '*.app')" | |
| ./mach macos-sign -v -c nightly -e developer -r -f firefoxEnterprise.p12 -p firefoxEnterprise_pass.p12 -a "${APP_FILE}" | |
| APP_FILENAME="$(basename "$APP_FILE")" | |
| tar -Jcf $OBJDIR/dist/nightly_signed.tar.gz -C $OBJDIR/dist/hfs/ .background .DS_Store .VolumeIcon.icns "$APP_FILENAME" | |
| ./mach repackage dmg -i $OBJDIR/dist/nightly_signed.tar.gz -o $DMG_SIGNED | |
| rm $OBJDIR/dist/nightly_signed.tar.gz | |
| rm -fr $OBJDIR/dist/hfs/ | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: firefox-macOS-signed-aarch64-gcpEU | |
| path: obj-*/dist/firefox-*.signed.dmg* | |
| compression-level: 0 | |
| macOS-test: | |
| timeout-minutes: 20 | |
| runs-on: [self-hosted, MacNative, ARM64] | |
| needs: [ macOS-build-opt, package-tests ] | |
| steps: | |
| - name: "clean state" | |
| id: clean | |
| run: | | |
| rm -fr ./* | |
| - name: "download firefox build" | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: firefox-macOS-signed-aarch64 | |
| - name: "download enterprise tests" | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: enterprise-tests | |
| - name: "attach" | |
| id: attach | |
| run: | | |
| DMG_FILE=$(find ./obj-aarch64-apple-darwin/dist -type f -name "firefox*.dmg") | |
| MOUNT_DIR=$(hdiutil attach "${DMG_FILE}" | grep "/Volumes" | sed -e "s/.*\/Volumes/\/Volumes/g") | |
| echo "Mounted ${DMG_FILE} at ${MOUNT_DIR}" | |
| echo "mount_dir='${MOUNT_DIR}'" >> "$GITHUB_OUTPUT" | |
| RUNTIME_PATH=$(find "${MOUNT_DIR}" -type f -name "firefox") | |
| echo "runtime_path=$RUNTIME_PATH" >> "$GITHUB_OUTPUT" | |
| codesign -vv "$MOUNT_DIR/Firefox Enterprise.app" | |
| - name: "install python" | |
| run: | | |
| python3 -m venv venv_tests | |
| - name: "install deps" | |
| run: | | |
| curl -sSL https://github.com/mozilla/geckodriver/releases/download/v0.36.0/geckodriver-v0.36.0-macos-aarch64.tar.gz | tar -xf - | |
| . venv_tests/bin/activate | |
| pip3 install -r requirements.txt | |
| - name: "test firefox start" | |
| run: | | |
| RUNTIME_VERSION=$("${{ steps.attach.outputs.runtime_path }}" --version | awk '{ print $4 }') | |
| sed -e "s/#RUNTIME_VERSION#/${RUNTIME_VERSION}/g" < firefox_start.json.in > firefox_start.json | |
| mkdir -p ./profiles/ | |
| . venv_tests/bin/activate | |
| python3 test_firefox_start.py "${{ steps.attach.outputs.runtime_path }}" $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser starts from felt using CLI argument" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_starts_fromCli.py "${{ steps.attach.outputs.runtime_path }}" $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser starts from felt using environment variable" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_starts_fromEnv.py "${{ steps.attach.outputs.runtime_path }}" $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser about:config is blocked" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_about_config_blocked.py "${{ steps.attach.outputs.runtime_path }}" $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser restart is a quit" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_restart_is_quit.py "${{ steps.attach.outputs.runtime_path }}" $PWD/geckodriver $PWD/profiles/ | |
| - name: "test browser restart works" | |
| run: | | |
| . venv_tests/bin/activate | |
| MOZ_LOG=console:5 python3 test_felt_browser_restart_works.py "${{ steps.attach.outputs.runtime_path }}" $PWD/geckodriver $PWD/profiles/ | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: macOS-tests-results | |
| path: | | |
| geckodriver.log | |
| screenshot_*.png | |
| compression-level: 0 | |
| if: "always()" | |
| - name: "detach" | |
| if: "always()" | |
| run: | | |
| pkill -f "${{ steps.attach.outputs.runtime_path }}" | |
| hdiutil unmount -force -whole ${{ steps.attach.outputs.mount_dir }} | |
| rm -fr ./obj-aarch64-apple-darwin/ | |
| lints: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 10 | |
| - name: Cache lint dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cargo | |
| ~/.npm | |
| ~/.mozbuild | |
| node_modules | |
| key: lint-${{ runner.os }}-${{ hashFiles('package-lock.json', 'Cargo.lock') }} | |
| restore-keys: | | |
| lint-${{ runner.os }}- | |
| - name: Run lint checks | |
| run: | | |
| ./mach lint --outgoing ${{ github.event.pull_request.base.sha }} --warnings |